The update addresses 49 vulnerabilities within 10 security bulletins. five of which are critical to the system and concern remote coding execution vulnerabilities. affect the edge browser, windows office, skype and adobe flash player.
Microsoft said today that there were 4 initial flaws bug , previously unknown bugs which was exploited by hackers.
This should be a warning to users to be cautious clicking on links , downloading attachment or opening files from unknown sources.
READ SUGGESTION - How to secure your email from being spied on.
The zero-day bug in a recent disclosure by microsoft flaws contained in the bullietin. would allow a hacker to check for files on disk , however before this is possible the user has to be lured to a exploited malicious website.
Microsoft office contains memory-corruption vulnerability, CVE-2016-7193 which could allow a attacker to take control of a system if the current user is logged on with administrative user rights.
All the hacker has to do is send a malicious email link or attachment which convince the user to visit the attack site .
Microsoft notes that from early 2017 it will begin adding older fixes to the preview rollup so that it eventually becomes "fully cumulative" and ensures PCs with the latest monthly rollup are fully updated.
The .NET Framework is also moving to the monthly rollup model and will include "security and reliability updates to all versions of the .NET Framework as a single monthly release, targeting the same timing and cadence as Windows".
About HNO
0 comments:
Post a Comment